Drupal Update
1943Warning Date
Severity Level
Warning Number
Target Sector
21 May, 2020
● Medium
2020-1262
All
Description:
Drupal has released security update to address multiple vulnerabilities in the following versions:
- Drupal 8.8
- Drupal 8.7
- Drupal 7.x
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Cross-site scripting (XSS) attack.
- User could be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL.
Best practice and Recommendations:
The CERT team encourages users to review Drupal security advisory and apply the necessary updates: